Mozilla Updates for Multiple Vulnerabilities

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Apple has released Safari 3.2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.US-CERT encourages users to review Apple Article HT3298 and apply any necessary updates.

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Mozilla

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Mozilla Updates for Multiple Vulnerabilities

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Opera Software has released Opera version 9.60 to address two vulnerabilities. The first vulnerability is due to improper validation of URLs. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The second vulnerability is due to unsafe storage of cached Java applets. Exploitation of this vulnerability may allow an attacker to obtain sensitive information or escape other normal restrictions.US-CERT encourages users and administrators to review Opera Advisory 901 and 902 and upgrade to version 9.60 to help mitigate the risks.

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Mozilla has released Firefox and Thunderbird v2.0.0.17 and Firefox v3.0.3 to address multiple vulnerabilities. These may allow an attacker to execute arbitrary code, obtain sensitive information, conduct cross-site scripting attacks, cause a denial-of-service condition, operate with escalated privileges, or conduct Clickjacking attacks. Note that Firefox v3.0.2 was initially released to address these vulnerabilities. Version 3.0.3 was released to correct a flaw that was unrelated to the vulnerabilities.US-CERT encourages users and administrators to do the following to help mitigate the risks:Review the Security Advisories for Firefox 2.0.0.17.Review the Release Notes for Firefox 3.0.3.Upgrade to Firefox and Thunderbird 2.0.0.17 or Firefox 3.0.3 as necessary.

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Mozilla has released Firefox 3.0.2 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, enabling cross-site scripting, privilege escalation, information disclosure, and denial of service. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey. US-CERT encourages users to do the following to help mitigate the risks:Review the Mozilla Foundation Security Advisories.Update to Firefox 3.0.2.

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

US-CERT is aware of public reports of a vulnerability that affects Webex Meeting Manager. This vulnerability is due to improper handling of arguments passed to the “NewObject()” method within the WebexUCFObject ActiveX control (atucfobj.dll). By convincing a user to visit a specially crafted web page, a remote attacker may be able to execute arbitrary code.Public reports indicate that Webex has addressed this issue in Meeting Manager version 20.2008.2606.4919. US-CERT encourages users to upgrade to this version or set the kill bit for CLSID 32E26FD9-F435-4A20-A561-35D4B987CFDC. Information about how to set a kill bit can be found in Microsoft Support Article 240797.

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

Microsoft Office Snapshot Viewer ActiveX Vulnerability

Read More…
Source: US CERT

The Hackers’ Nightmare is here!

US-CERT is aware of public reports of a vulnerability that affects Webex Meeting Manager. This vulnerability is due to improper handling of arguments passed to the “NewObject()” method within the WebexUCFObject ActiveX control (atucfobj.dll). By convincing a user to visit a specially crafted web page, a remote attacker may be able to execute arbitrary code.Public reports indicate that Webex has addressed this issue in Meeting Manager version 20.2008.2606.4919. US-CERT encourages users to upgrade to this version or set the kill bit for CLSID 32E26FD9-F435-4A20-A561-35D4B987CFDC. Information about how to set a kill bit can be found in Microsoft Support Article 240797.

Read More…
Source: US CERT

The Hackers’ Nightmare is here!